[ovs-dev] [PATCH v2] datapath-windows: Add original conntrack tuple to FlowKey
Guru Shetty
guru at ovn.org
Thu Jun 8 18:07:25 UTC 2017
On 2 June 2017 at 10:37, Sairam Venugopal <vsairam at vmware.com> wrote:
> Add the original tuple to Flow Key. In case of ICMP and UDP, default the
> parent entry to NULL until related connections is supported.
>
> Signed-off-by: Sairam Venugopal <vsairam at vmware.com>
>
Applied, thanks!
> ---
> datapath-windows/ovsext/Conntrack.c | 35 ++++++++++++++++++++-----
> datapath-windows/ovsext/DpInternal.h | 1 +
> datapath-windows/ovsext/Flow.c | 50 ++++++++++++++++++++++++++++++
> ++++--
> 3 files changed, 78 insertions(+), 8 deletions(-)
>
> diff --git a/datapath-windows/ovsext/Conntrack.c
> b/datapath-windows/ovsext/Conntrack.c
> index dce0c1b..609ae5a 100644
> --- a/datapath-windows/ovsext/Conntrack.c
> +++ b/datapath-windows/ovsext/Conntrack.c
> @@ -198,7 +198,7 @@ OvsCtEntryCreate(PNET_BUFFER_LIST curNbl,
> }
>
> state |= OVS_CS_F_NEW;
> - POVS_CT_ENTRY parentEntry = NULL;
> + POVS_CT_ENTRY parentEntry;
> parentEntry = OvsCtRelatedLookup(ctx->key, currentTime);
> if (parentEntry != NULL) {
> state |= OVS_CS_F_RELATED;
> @@ -209,10 +209,10 @@ OvsCtEntryCreate(PNET_BUFFER_LIST curNbl,
> if (!entry) {
> return NULL;
> }
> - /* If this is related entry, then update parent */
> - if (parentEntry != NULL) {
> - entry->parent = parentEntry;
> - }
> +
> + /* Set parent entry for related FTP connections */
> + entry->parent = parentEntry;
> +
> OvsCtAddEntry(entry, ctx, currentTime);
> *entryCreated = TRUE;
> }
> @@ -235,6 +235,9 @@ OvsCtEntryCreate(PNET_BUFFER_LIST curNbl,
> if (!entry) {
> return NULL;
> }
> +
> + /* XXX Add support for ICMP-Related */
> + entry->parent = NULL;
> OvsCtAddEntry(entry, ctx, currentTime);
> *entryCreated = TRUE;
> }
> @@ -250,6 +253,9 @@ OvsCtEntryCreate(PNET_BUFFER_LIST curNbl,
> if (!entry) {
> return NULL;
> }
> +
> + /* Default UDP related to NULL until TFTP is supported */
> + entry->parent = NULL;
> OvsCtAddEntry(entry, ctx, currentTime);
> *entryCreated = TRUE;
> }
> @@ -586,8 +592,8 @@ OvsProcessConntrackEntry(PNET_BUFFER_LIST curNbl,
> } else {
> POVS_CT_ENTRY parentEntry;
> parentEntry = OvsCtRelatedLookup(ctx->key, currentTime);
> + entry->parent = parentEntry;
> if (parentEntry != NULL) {
> - entry->parent = parentEntry;
> state |= OVS_CS_F_RELATED;
> }
> }
> @@ -702,6 +708,23 @@ OvsCtExecute_(PNET_BUFFER_LIST curNbl,
> }
> }
>
> + /* Add original tuple information to flow Key */
> + if (entry && entry->key.dl_type == ntohs(ETH_TYPE_IPV4)) {
> + OVS_CT_KEY *ctKey;
> + if (entry->parent != NULL) {
> + POVS_CT_ENTRY parent = entry->parent;
> + ctKey = &parent->key;
> + } else {
> + ctKey = &entry->key;
> + }
> +
> + key->ct.tuple_ipv4.ipv4_src = ctKey->src.addr.ipv4_aligned;
> + key->ct.tuple_ipv4.ipv4_dst = ctKey->dst.addr.ipv4_aligned;
> + key->ct.tuple_ipv4.src_port = ctKey->src.port;
> + key->ct.tuple_ipv4.dst_port = ctKey->dst.port;
> + key->ct.tuple_ipv4.ipv4_proto = ctKey->nw_proto;
> + }
> +
> if (entryCreated && entry) {
> OvsPostCtEventEntry(entry, OVS_EVENT_CT_NEW);
> }
> diff --git a/datapath-windows/ovsext/DpInternal.h
> b/datapath-windows/ovsext/DpInternal.h
> index 9d1a783..743891c 100644
> --- a/datapath-windows/ovsext/DpInternal.h
> +++ b/datapath-windows/ovsext/DpInternal.h
> @@ -199,6 +199,7 @@ typedef __declspec(align(8)) struct OvsFlowKey {
> UINT32 mark;
> UINT32 state;
> struct ovs_key_ct_labels labels;
> + struct ovs_key_ct_tuple_ipv4 tuple_ipv4;
> } ct; /* Connection Tracking Flags */
> } OvsFlowKey;
>
> diff --git a/datapath-windows/ovsext/Flow.c b/datapath-windows/ovsext/
> Flow.c
> index 96ff9fa..80f5676 100644
> --- a/datapath-windows/ovsext/Flow.c
> +++ b/datapath-windows/ovsext/Flow.c
> @@ -180,6 +180,10 @@ const NL_POLICY nlFlowKeyPolicy[] = {
> [OVS_KEY_ATTR_CT_LABELS] = {.type = NL_A_UNSPEC,
> .minLen = sizeof(struct
> ovs_key_ct_labels),
> .maxLen = sizeof(struct
> ovs_key_ct_labels),
> + .optional = TRUE},
> + [OVS_KEY_ATTR_CT_ORIG_TUPLE_IPV4] = {.type = NL_A_UNSPEC,
> + .minLen = sizeof(struct
> ovs_key_ct_tuple_ipv4),
> + .maxLen = sizeof(struct
> ovs_key_ct_tuple_ipv4),
> .optional = TRUE}
> };
> const UINT32 nlFlowKeyPolicyLen = ARRAY_SIZE(nlFlowKeyPolicy);
> @@ -887,6 +891,12 @@ MapFlowKeyToNlKey(PNL_BUFFER nlBuf,
> rc = STATUS_UNSUCCESSFUL;
> goto done;
> }
> + if (!NlMsgPutTailUnspec(nlBuf, OVS_KEY_ATTR_CT_ORIG_TUPLE_IPV4,
> + (PCHAR)(&flowKey->ct.tuple_ipv4),
> + sizeof(struct ovs_key_ct_tuple_ipv4))) {
> + rc = STATUS_UNSUCCESSFUL;
> + goto done;
> + }
>
> if (flowKey->dpHash) {
> if (!NlMsgPutTailU32(nlBuf, OVS_KEY_ATTR_DP_HASH,
> @@ -1447,7 +1457,15 @@ _MapKeyAttrToFlowPut(PNL_ATTR *keyAttrs,
> if (keyAttrs[OVS_KEY_ATTR_CT_LABELS]) {
> const struct ovs_key_ct_labels *ct_labels;
> ct_labels = NlAttrGet(keyAttrs[OVS_KEY_ATTR_CT_LABELS]);
> - RtlCopyMemory(&destKey->ct.labels, ct_labels, sizeof(struct
> ovs_key_ct_labels));
> + NdisMoveMemory(&destKey->ct.labels, ct_labels,
> + sizeof(struct ovs_key_ct_labels));
> + }
> +
> + if (keyAttrs[OVS_KEY_ATTR_CT_ORIG_TUPLE_IPV4]) {
> + const struct ovs_key_ct_tuple_ipv4 *tuple_ipv4;
> + tuple_ipv4 = NlAttrGet(keyAttrs[OVS_KEY_
> ATTR_CT_ORIG_TUPLE_IPV4]);
> + NdisMoveMemory(&destKey->ct.tuple_ipv4, tuple_ipv4,
> + sizeof(struct ovs_key_ct_tuple_ipv4));
> }
>
> /* ===== L2 headers ===== */
> @@ -1988,7 +2006,15 @@ OvsGetFlowMetadata(OvsFlowKey *key,
> if (keyAttrs[OVS_KEY_ATTR_CT_LABELS]) {
> const struct ovs_key_ct_labels *ct_labels;
> ct_labels = NlAttrGet(keyAttrs[OVS_KEY_ATTR_CT_LABELS]);
> - RtlCopyMemory(&key->ct.labels, ct_labels, sizeof(struct
> ovs_key_ct_labels));
> + NdisMoveMemory(&key->ct.labels, ct_labels,
> + sizeof(struct ovs_key_ct_labels));
> + }
> +
> + if (keyAttrs[OVS_KEY_ATTR_CT_ORIG_TUPLE_IPV4]) {
> + const struct ovs_key_ct_tuple_ipv4 *tuple_ipv4;
> + tuple_ipv4 = NlAttrGet(keyAttrs[OVS_KEY_
> ATTR_CT_ORIG_TUPLE_IPV4]);
> + NdisMoveMemory(&key->ct.tuple_ipv4, tuple_ipv4,
> + sizeof(struct ovs_key_ct_tuple_ipv4));
> }
>
> return status;
> @@ -2461,6 +2487,8 @@ FlowEqual(OvsFlow *srcFlow,
> srcFlow->key.ct.mark == dstKey->ct.mark &&
> !memcmp(&srcFlow->key.ct.labels, &dstKey->ct.labels,
> sizeof(struct ovs_key_ct_labels)) &&
> + !memcmp(&srcFlow->key.ct.tuple_ipv4, &dstKey->ct.tuple_ipv4,
> + sizeof(struct ovs_key_ct_tuple_ipv4)) &&
> FlowMemoryEqual((UINT64 *)((UINT8 *)&srcFlow->key + offset),
> (UINT64 *) dstStart,
> size));
> @@ -2573,6 +2601,13 @@ OvsLookupFlow(OVS_DATAPATH *datapath,
> 0);
> *hash = OvsJhashWords((UINT32*)hash, 1, lblHash);
> }
> + if (key->ct.tuple_ipv4.ipv4_src) {
> + UINT32 tupleHash = OvsJhashBytes(
> + &key->ct.tuple_ipv4,
> + sizeof(struct ovs_key_ct_tuple_ipv4),
> + 0);
> + *hash = OvsJhashWords((UINT32*)hash, 1, tupleHash);
> + }
> }
>
> head = &datapath->flowTable[HASH_BUCKET(*hash)];
> @@ -2745,6 +2780,9 @@ ReportFlowInfo(OvsFlow *flow,
> NdisMoveMemory(&info->key.ct.labels,
> &flow->key.ct.labels,
> sizeof(struct ovs_key_ct_labels));
> + NdisMoveMemory(&info->key.ct.tuple_ipv4,
> + &flow->key.ct.tuple_ipv4,
> + sizeof(struct ovs_key_ct_tuple_ipv4));
>
> return status;
> }
> @@ -3005,6 +3043,7 @@ OvsFlowKeyAttrSize(void)
> + NlAttrTotalSize(2) /* OVS_KEY_ATTR_CT_ZONE */
> + NlAttrTotalSize(4) /* OVS_KEY_ATTR_CT_MARK */
> + NlAttrTotalSize(16) /* OVS_KEY_ATTR_CT_LABELS */
> + + NlAttrTotalSize(13) /* OVS_KEY_ATTR_CT_ORIG_TUPLE_IPV4 */
> + NlAttrTotalSize(12) /* OVS_KEY_ATTR_ETHERNET */
> + NlAttrTotalSize(2) /* OVS_KEY_ATTR_ETHERTYPE */
> + NlAttrTotalSize(4) /* OVS_KEY_ATTR_VLAN */
> @@ -3109,6 +3148,13 @@ OvsProbeSupportedFeature(POVS_MESSAGE msgIn,
> OVS_LOG_ERROR("Invalid ct label specified.");
> status = STATUS_INVALID_PARAMETER;
> }
> + } else if (keyAttrs[OVS_KEY_ATTR_CT_ORIG_TUPLE_IPV4]) {
> + const struct ovs_key_ct_tuple_ipv4 *ct_tuple_ipv4;
> + ct_tuple_ipv4 = NlAttrGet(keyAttrs[OVS_KEY_
> ATTR_CT_ORIG_TUPLE_IPV4]);
> + if (!ct_tuple_ipv4) {
> + OVS_LOG_ERROR("Invalid ct_tuple_ipv4.");
> + status = STATUS_INVALID_PARAMETER;
> + }
> } else {
> OVS_LOG_ERROR("Feature not supported.");
> status = STATUS_INVALID_PARAMETER;
> --
> 2.9.0.windows.1
>
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
More information about the dev
mailing list